How do I add my project?
In https://about.gitlab.com/handbook/engineering/gitlab-repositories/#creating-a-new-project the 5th step is "Help AppSec categorizing your new project."
Recently I created https://gitlab.com/gitlab-com/gl-security/appsec/tooling/public-mr-confidential-issue-detector/ and I'm working through the checklist at gitlab-com/gl-security/appsec/tooling/public-mr-confidential-issue-detector#19.
I don't understand if/how to add or categorize my project
Am I supposed to add a yml
file to my project? I'd say the categories are:
-
red_data
(because it can read confidential issues) -
internal
(it's in a public repo and others are free to use it, but it's primary use is internally) -
use_pat
(uses the PAT of a specifically created service account)
Perhaps we also need to create or update documentation for this. It could live here in this repo or at https://handbook.gitlab.com/handbook/security/security-engineering/application-security/inventory.